CyberSight: Security

What Security Companies Don't Want You to Know

Headlines -- "Hacker catches out travel firms", "Cabinet Office hit by 6,000 Cyber attacks", "Hacker penetrates US military": just a few stories to hit the news recently. Of course there are numerous other instances of attack and threat, including Bugbear, one of the nastiest threats yet released and almost certainly active on thousands of systems worldwide. Now, ask yourself this question: "if computer security is working, why all these incidents?" The answer to the question, if you hadn't already guessed, is that it clearly isn't. Let us not forget that these are not a few unrelated incidents against small to medium organisations; these are attacks against systems that one would expect to have the very highest levels of protection.

Security Today

Security products are usually focused on a single detection methodology. They therefore detect only threats that are of the same family or type. The lack of an effective integrated security product has resulted in organisations having to layer multiple products in an attempt to provide the most effective protection. This in turn has given rise to the myth that to have good security you need to implement a solution based on multiple technologies. There are reasons why this approach is now both outdated and potentially dangerous; the examples at the beginning prove this approach doesn't work, and the reason it doesn't is frightening - it is that the technologies being used to implement a multi-layered system are themselves vulnerable to attack, or lack the capability to cater for the latest techniques used by attackers.

Another major flaw in current security implementations is the obsession with "ring-fence" architecture. This methodology grew from a genuine fear of external attack and assumed that by restricting inbound and outbound information and activities to certain categories you could achieve a nirvana-like state of independent isolation from those that seek to harm. A bit of a nonsense when you consider that today's statistics show that somewhere in the region of 80% of attacks emanate from the inside. It is now known that the Pentagon hacker used "off-the-shelf" tools that are freely available and that he did not have a significant level of expertise. Perish the thought an "expert" has a go!

Where to . . .

There will never be a single solution, there will never be absolute protection, and we would not want to propagate the belief that there will be. However, it is clear that a different approach is needed. The old saying "if it's not broken don't fix it" does not apply - security, if not yet completely broken, is in a bad way and needs help.

We have a fresh approach to security; most products cater for threats based on a single category - virus, trojan and so forth. Our product detects threats in over 320 categories, of which trojans are just one. Current products are based on a disabling paradigm, ours on an enabling one. Other products constrict and hog resources - our product works transparently regardless of installation size: 100, 1,000, 20,000 or more systems can be protected with no loss of functionality, no loss of client performance and virtually no increase in network traffic. Other products can only detect certain threats - our product knows that threats come from everywhere and so detects internal and external attack, unknown threats, user abuse, unknown devices, document tampering, misuse of resource, hardware theft, software piracy; the list is extensive, the capabilities comprehensive, the cost, much less than you would expect.